From: "Alex Bennée" <alex.bennee@linaro.org>
To: Richard Henderson <richard.henderson@linaro.org>
Cc: pbonzini@redhat.com, philmd@linaro.org, laurent@vivier.eu,
	deller@gmx.de, Akihiko Odaki <akihiko.odaki@daynix.com>,
	qemu-devel@nongnu.org
Subject: Re: [PATCH for-8.1 v10 04/14] linux-user: Use MAP_FIXED_NOREPLACE for initial image mmap
Date: Tue, 08 Aug 2023 10:43:09 +0100
Message-ID: <87o7jh98bt.fsf@linaro.org>
In-Reply-To: <20230807163705.9848-5-richard.henderson@linaro.org>


Richard Henderson <richard.henderson@linaro.org> writes:

> Use this as extra protection for the guest mapping over
> any qemu host mappings.
>
> Tested-by: Helge Deller <deller@gmx.de>
> Reviewed-by: Helge Deller <deller@gmx.de>
> Reviewed-by: Akihiko Odaki <akihiko.odaki@daynix.com>
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
> ---
>  linux-user/elfload.c | 9 ++++++---
>  1 file changed, 6 insertions(+), 3 deletions(-)
>
> diff --git a/linux-user/elfload.c b/linux-user/elfload.c
> index 36e4026f05..1b4bb2d5af 100644
> --- a/linux-user/elfload.c
> +++ b/linux-user/elfload.c
> @@ -3147,8 +3147,11 @@ static void load_elf_image(const char *image_name, int image_fd,
>      /*
>       * Reserve address space for all of this.
>       *
> -     * In the case of ET_EXEC, we supply MAP_FIXED so that we get
> -     * exactly the address range that is required.
> +     * In the case of ET_EXEC, we supply MAP_FIXED_NOREPLACE so that we get
> +     * exactly the address range that is required.  Without reserved_va,
> +     * the guest address space is not isolated.  We have attempted to avoid
> +     * conflict with the host program itself via probe_guest_base, but using
> +     * MAP_FIXED_NOREPLACE instead of MAP_FIXED provides an extra check.
>       *
>       * Otherwise this is ET_DYN, and we are searching for a location
>       * that can hold the memory space required.  If the image is
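Review bot: the new comment text "we supply MAP_FIXED_NOREPLACE so that we get exactly the address range that is required" overstates what the flag gives. With MAP_FIXED_NOREPLACE the call either returns that range or fails (EEXIST) when something is already mapped there, so the comment should say "exactly the address range that is required, or an error" and name the failure path the caller takes. It would also help to state that the "extra check" only exists on hosts where the flag is honoured.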
> @@ -3160,7 +3163,7 @@ static void load_elf_image(const char *image_name, int image_fd,
>       */
>      load_addr = target_mmap(loaddr, (size_t)hiaddr - loaddr + 1, PROT_NONE,
>                              MAP_PRIVATE | MAP_ANON | MAP_NORESERVE |
> -                            (ehdr->e_type == ET_EXEC ? MAP_FIXED : 0),
> +                            (ehdr->e_type == ET_EXEC ? MAP_FIXED_NOREPLACE : 0),
>                              -1, 0);

We should probably also check the result == load_addr for the places
where MAP_FIXED_NOREPLACE isn't supported as we have this in osdep.h:

  #ifndef MAP_FIXED_NOREPLACE
  #define MAP_FIXED_NOREPLACE 0
  #endif

See 2667e069e7 (linux-user: don't use MAP_FIXED in pgd_find_hole_fallback)

>      if (load_addr == -1) {
>          goto exit_mmap;
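Review bot: the load_addr == -1 test after this call is the only check on the result, which is not enough for the ET_EXEC case once MAP_FIXED becomes MAP_FIXED_NOREPLACE. A kernel that does not recognise the flag treats loaddr as a hint and can return a different address without failing, so for ET_EXEC the code should also treat load_addr != loaddr as an error, and unmap what it was given, before continuing.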


-- 
Alex Bennée
Virtualisation Tech Lead @ Linaro
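
The check suggested in the reply above, as an added example that is not part of the original message and is not QEMU code: a stand-alone reservation helper that compares the returned address with the requested one, so it behaves the same whether MAP_FIXED_NOREPLACE is honoured, ignored by the kernel, or compiled out to 0. The names reserve_exact and demo are hypothetical, and the scenario in demo is constructed.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <sys/mman.h>
#include <unistd.h>

/* Same fallback the reply quotes from osdep.h: the flag becomes a no-op. */
#ifndef MAP_FIXED_NOREPLACE
#define MAP_FIXED_NOREPLACE 0
#endif

/* Hypothetical helper: reserve exactly [want, want + len) or return NULL. */
static void *reserve_exact(void *want, size_t len)
{
    void *got = mmap(want, len, PROT_NONE,
                     MAP_PRIVATE | MAP_ANONYMOUS | MAP_NORESERVE |
                     MAP_FIXED_NOREPLACE, -1, 0);
    if (got == MAP_FAILED) {
        return NULL;            /* flag honoured: range already occupied */
    }
    if (got != want) {
        /* Flag ignored or compiled out: the address was only a hint. */
        munmap(got, len);
        errno = EEXIST;
        return NULL;
    }
    return got;
}

/* Constructed scenario: returns 0 if both outcomes are as expected. */
static int demo(void)
{
    size_t len = 4 * (size_t)sysconf(_SC_PAGESIZE);
    void *busy = mmap(NULL, len, PROT_NONE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (busy == MAP_FAILED) return -1;

    int refused = (reserve_exact(busy, len) == NULL);   /* occupied range */
    munmap(busy, len);
    void *again = reserve_exact(busy, len);             /* range now free */
    int granted = (again == busy);
    if (again) munmap(again, len);
    return (refused && granted) ? 0 : 1;
}

int main(void)
{
    printf("demo: %d\n", demo());
    return 0;
}
```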

